Question

Please answer ALL the questions carefully. Thanks

44- An organization's IT manager is implementing some new controls related to the secure management and configuration of networking equipment within the production architectures. One of the controls requires log files to be stored away from the network perimeter and secured against unauthorized modification. Which of the following would BEST provide the capability required to address this control?
A) File integrity monitor
B) SIEM
C) DMZ
D) Local RAID drive

51- A security technician is reviewing a new vendor's practices for a project, but the vendors only supply SLA documentation. Which of the following should the security technician request to understand the vendor's adherence to its own policies?
A) Controls data audits
B) Entry log audits
C) Access log audits
D) Security log audits

52- A company has given laptops to all retail salespeople. The sales staff operates in an open showroom that is often filled with customers. The laptops connect over the Internet to corporate headquarters and accessing this information if they are left unattached. Additionally, there have been several issues of malware bypassing traditional antivirus and anti-malware countermeasures and infecting the laptops. The security team has determined that the vectors of these infections have all been buffer overflow attacks on a web browser plugin. Management has asked the security team to help prevent this security risk while maintaining employees' access to the Internet. Which of the following security measures would BEST fulfill those requirements? (Select two answers)
A) Install cable locks on the laptops.
B) Implement full disk encryption on the laptops.
C) Implement a five-minute lockout policy.
D) Enable DEP and ASLR on the laptops' OSs.
E) Install a HIDS on the salespeople's laptops.
F) Use an application blacklist on the laptops.

53- The company employs a firewall to protect its internal network. An internal router resides directly behind the firewall and is used to segment traffic to different subnets. Which of the following terms MOST accurately describes the use of multiple devices in layers to protect a network?
A) Zoning
B) Defense-in-depth
C) Logical segmentation
D) Network hardening

Explanation / Answer

44) SIEM

Log monitoring is necessary to find intrusions into a private network. Each of the network perimeter devices described above has logs generated by the activity it monitors or blocks. In order to properly interpret and correlate events, a trained technician should be employed. Although alerts to malicious activity will be present in these logs, only a human can interpret the events from these devices to conclude an actual intrusion occurred. Management should receive regular executive summary reports from the review of these logs to stay apprised of the security of their network. Security Information and Event Management (SIEM) systems can correlate logs with an event associated with network activity. This can provide more clarity than just monitoring long log files and can help identify the most probable attacks on a private network. SIEM systems are more useful in larger networks that have complex perimeter configurations and are often too costly for smaller banks.

51) CONTROL DATA AUDITS

53) NETWORK HARDENING

Hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one.
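The log correlation described in the answer to question 44, as an added example that is not part of the original answer: it normalizes constructed log lines from three hypothetical perimeter devices (fw01, ids01, vpn01) and flags a source address whose successful VPN login falls in a five-minute window in which all three devices logged it. The log format, device names and thresholds are assumptions made for the illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines from three hypothetical devices (not real logs).
SAMPLE_LOGS = """\
2024-05-01T10:00:01Z fw01 DENY src=203.0.113.7 dst=10.0.0.5 dport=22
2024-05-01T10:00:04Z fw01 DENY src=203.0.113.7 dst=10.0.0.5 dport=23
2024-05-01T10:00:09Z ids01 ALERT src=203.0.113.7 sig=port-scan
2024-05-01T10:01:30Z fw01 DENY src=198.51.100.20 dst=10.0.0.9 dport=445
2024-05-01T10:02:10Z vpn01 LOGIN_FAIL src=203.0.113.7 user=svc-backup
2024-05-01T10:02:40Z vpn01 LOGIN_OK src=203.0.113.7 user=svc-backup
2024-05-01T11:30:00Z vpn01 LOGIN_OK src=198.51.100.20 user=alice
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) src=(\S+)")

def parse(text):
    """Normalize each line to (timestamp, device, action, source IP)."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # a real collector would count and report unparsed lines
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m.group(2), m.group(3), m.group(4)))
    return sorted(events)

def correlate(events, window=timedelta(minutes=5), min_devices=3):
    """Flag a source whose LOGIN_OK lands in a window where at least
    `min_devices` distinct devices (VPN gateway included) logged it."""
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev[3]].append(ev)
    alerts = []
    for src, evs in by_src.items():
        for ts, device, action, _ in evs:
            if action != "LOGIN_OK":
                continue
            recent = [e for e in evs if ts - window <= e[0] <= ts]
            devices = {e[1] for e in recent}
            if len(devices) >= min_devices:
                alerts.append({"src": src, "at": ts.isoformat(),
                               "devices": sorted(devices), "events": len(recent)})
    return alerts

if __name__ == "__main__":
    print(correlate(parse(SAMPLE_LOGS)))
```

No single device log shows the pattern here; only the joined view across the firewall, IDS and VPN records does, which is the clarity the answer attributes to a SIEM.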
